2020-12-04 07:40:16 +11:00
|
|
|
.Dd $Mdocdate: December 03 2020 $
|
|
|
|
.Dt VGER 8
|
|
|
|
.Os
|
|
|
|
.Sh NAME
|
|
|
|
.Nm vger
|
|
|
|
.Nd inetd gemini server
|
|
|
|
.Sh SYNOPSIS
|
|
|
|
.Nm vger
|
|
|
|
.Op Fl l Ar lang
|
|
|
|
.Op Fl v
|
|
|
|
.Op Fl d Ar path
|
2020-12-04 08:59:39 +11:00
|
|
|
.Op Fl u Ar username
|
2020-12-04 07:40:16 +11:00
|
|
|
.Sh DESCRIPTION
|
|
|
|
.Nm
|
|
|
|
is a secure gemini server that is meant to be run on
|
|
|
|
.Xr inetd 8
|
|
|
|
behind a relay daemon offering TLS capabilities like
|
|
|
|
.Xr relayd 8 .
|
2020-12-04 08:02:16 +11:00
|
|
|
.Pp
|
|
|
|
If an incoming gemini query doesn't explicitly request a file,
|
|
|
|
.Nm
|
|
|
|
will serves a default "index.gmi" file if present.
|
2020-12-04 07:40:16 +11:00
|
|
|
.Sh OPTIONS
|
|
|
|
.Bl -tag -width Ds
|
|
|
|
.It Op Fl l Ar lang
|
|
|
|
Set the default lang in the return code to
|
|
|
|
.Ar lang
|
|
|
|
instead of "en".
|
|
|
|
.It Op Fl v
|
|
|
|
Enable virtualhost support, the hostname in the query will be considered as a directory name.
|
2020-12-04 07:59:22 +11:00
|
|
|
As example, for request gemini://hostname.example/file.gmi
|
2020-12-04 07:40:16 +11:00
|
|
|
.Nm
|
2020-12-04 07:59:22 +11:00
|
|
|
will read the file /var/gemini/hostname.example/file.gmi
|
2020-12-04 07:40:16 +11:00
|
|
|
.It Op Fl d Ar path
|
|
|
|
Use
|
|
|
|
.Ar path
|
|
|
|
instead of the default "/var/gemini/" path to look for files.
|
|
|
|
On
|
|
|
|
.Ox
|
|
|
|
.Nm
|
|
|
|
will use
|
|
|
|
.Xr unveil 2
|
|
|
|
on this path in read-only to prevent file access outside this directory.
|
2020-12-04 08:59:39 +11:00
|
|
|
.It Op Fl u Ar username
|
|
|
|
Enable
|
|
|
|
.Xr chroot 2
|
|
|
|
on the data directory and then drop privileges to
|
|
|
|
.Ar username .
|
|
|
|
This requires
|
|
|
|
.Nm
|
|
|
|
to be run as root user.
|
2020-12-04 07:40:16 +11:00
|
|
|
.El
|
|
|
|
.Sh DEPLOYMENT
|
|
|
|
.Nm
|
|
|
|
is meant to be run by
|
|
|
|
.Xr inetd 8 .
|
|
|
|
.Nm
|
|
|
|
can be used on any port because it won't be public.
|
|
|
|
.Pp
|
|
|
|
/etc/inetd.conf example using a dedicated gemini_user:
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
11965 stream tcp nowait gemini_user /usr/local/bin/vger vger
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
The public port TCP/1965 must be served by a daemon like
|
|
|
|
.Xr relayd 8
|
|
|
|
which negociate TLS connections and forward them
|
|
|
|
to the inetd daemon on the
|
|
|
|
.Nm
|
|
|
|
port.
|
|
|
|
.Pp
|
|
|
|
.Xr relayd.conf 5
|
|
|
|
configuration example:
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
log connection
|
|
|
|
relay "gemini" {
|
2020-12-04 07:59:22 +11:00
|
|
|
listen on hostname.example port 1965 tls
|
2020-12-04 07:40:16 +11:00
|
|
|
forward to 127.0.0.1 port 11965
|
|
|
|
}
|
|
|
|
.Ed
|
2020-12-05 04:57:15 +11:00
|
|
|
.Sh EXIT STATUS
|
|
|
|
.Ex -std vger
|
2020-12-04 07:40:16 +11:00
|
|
|
.Sh SEE ALSO
|
2020-12-04 08:59:39 +11:00
|
|
|
.Xr chroot 2 ,
|
2020-12-04 07:40:16 +11:00
|
|
|
.Xr unveil 2 ,
|
|
|
|
.Xr relayd.conf 5 ,
|
|
|
|
.Xr inetd 8 ,
|
|
|
|
.Xr relayd 8
|
|
|
|
.Sh AUTHORS
|
|
|
|
.An See the LICENSE file for the authors .
|
|
|
|
.Sh LICENSE
|
|
|
|
See the LICENSE file for the terms of redistribution.
|